Notion by ClawLink
ReviewAudited by ClawScan on May 16, 2026.
Overview
This Notion integration uses ClawLink OAuth and can change workspace content, but the artifacts disclose that behavior and include confirmation steps for risky writes.
Before installing, make sure you trust ClawLink and the ClawLink plugin, connect only the Notion workspace you intend to use, and carefully approve any requested write, destructive, external-facing, or bulk action.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The integration's real runtime behavior depends on the ClawLink plugin and live ClawLink tools, which were not part of the reviewed files.
The skill depends on an external plugin that is not included in this artifact set. The installation is explicit and user-directed, so this is a supply-chain notice rather than a concern.
Install the verified ClawLink plugin: `openclaw plugins install clawhub:clawlink-plugin`
Install the plugin only from the intended ClawHub source and review ClawLink's documentation, verification page, and requested permissions before pairing.
Once connected, the agent may use the user's authorized Notion access to read or change workspace content within the granted permissions.
The skill requires the user to authorize Notion through ClawLink, giving the integration account-level access according to the approved Notion scopes.
ClawLink's hosted page runs the Notion OAuth flow — the user clicks through the Notion login and authorization screen.
Approve only the intended Notion workspace and scopes, use least-privilege permissions where available, and revoke the connection if you no longer use the skill.
If the user approves a write, the agent can create or update Notion pages, database records, or comments through ClawLink.
The skill allows dynamic tool execution against Notion, including write operations, but it also includes preview and confirmation safeguards for writes and risky actions.
For writes or anything marked as requiring confirmation, call `clawlink_preview_tool` first, then confirm with the user. Execute with `clawlink_call_tool`.
Review previews carefully before confirming writes, destructive changes, public-facing changes, or bulk updates.